Information Security Policy

SB OAI Japan GK ("the Company") has established this Information Security Policy, outlining its comprehensive and advanced measures against the risk of information leakage, in order to maintain the trust of its customers and society. In accordance with this Policy and the separately published Privacy Policy, the Company strives to maintain information security by appropriately managing its information assets and protecting them against various threats.

Operation of the Information Security Policy

  1. Establishment of an Information Security Management Framework

    The Company will strive to protect all information assets in its possession and establish a highly secure information security management framework that complies with applicable laws and other relevant requirements relating to information security, in order to continuously maintain the trust of society.

  2. Development of Internal Rules on Information Security

    The Company will establish internal rules based on this Information Security Policy and clearly define policies governing the handling of not only personal information, but also information assets in general. The Company will also make clear, both internally and externally, that it maintains a strict stance against information leakage and other security incidents. All employees will be responsible for understanding and complying with these rules in the course of their duties.

  3. Enhancement of Audit Systems

    The Company will establish systems for conducting internal audits to verify compliance with this Information Security Policy and related rules and standards. In addition, the Company will continue to undergo external audits for more objective evaluations. Through the planned implementation of these audits, the Company will demonstrate that its officers, employees, and other personnel comply with this Policy.

  4. Implementation of Robust Security Measures

    The Company will comply with applicable laws, regulations, standards, and contractual obligations relating to information security, while striving to meet customer expectations.

  5. Improvement of Information Security Awareness

    The Company will provide thorough information security education and training for its officers, employees, and other personnel so that all personnel handling the Company's information assets perform their duties with an appropriate level of information security awareness and knowledge. Such education and training will be provided regularly so that the Company can respond appropriately to evolving risks and circumstances.

  6. Strengthening of Oversight of Outsourcing Contractors and Other Third Parties

    When entering into outsourcing agreements, the Company will carefully assess the suitability of each contractor and request that they maintain security standards equivalent to or higher than those maintained by the Company. In addition, the Company will continuously review such contractors and work to strengthen the agreements in order to ensure that appropriate security standards are maintained.

Established on November 5, 2025
SB OAI Japan GK
Daichi Nozaki, CEO